CVE-2025-62421 | DataEase up to 2.10.13 StaticResourceApi Interface upload/ path cross site scripting (GHSA-2wmv-rr3p-pf43)

A vulnerability, which was classified as problematic, was found in DataEase up to 2.10.13. This affects an unknown function of the file upload/ of the component StaticResourceApi Interface. The manipulation of the argument path results in cross site scripting.

This vulnerability is cataloged as CVE-2025-62421. The attack may be launched remotely. There is no exploit available.

You should upgrade the affected component.VulDB Recent EntriesRead More